CVE-2007-2112

Name of the Vulnerable Software and Affected Versions Oracle Database versions 10.1.0.5 through 10.2.0.3

Description The issue concerns an unspecified vulnerability in the Authentication component, allowing remote authenticated users to bypass the AUTH ALTER SESSION security policies via a logon trigger, specifically the "AFTER LOGON ON DATABASE" trigger directive.

Recommendations For Oracle Database versions 10.1.0.5 through 10.2.0.3, consider restricting access to the logon trigger functionality as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.